Re: [OAUTH-WG] New Version Notification for draft-fett-oauth-dpop-03.txt

Justin Richer <> Fri, 22 November 2019 07:24 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id CB5E5120033 for <>; Thu, 21 Nov 2019 23:24:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.198
X-Spam-Status: No, score=-4.198 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id NE5iIjJ3PAj7 for <>; Thu, 21 Nov 2019 23:24:50 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 1D2B812008A for <>; Thu, 21 Nov 2019 23:24:49 -0800 (PST)
Received: from ( []) (authenticated bits=0) (User authenticated as jricher@ATHENA.MIT.EDU) by (8.14.7/8.12.4) with ESMTP id xAM7OgNo020786 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 22 Nov 2019 02:24:46 -0500
From: Justin Richer <>
Message-Id: <>
Content-Type: multipart/alternative; boundary="Apple-Mail=_A139A001-C7CB-47B1-8D4C-B3F2F17CFA6D"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Fri, 22 Nov 2019 15:24:41 +0800
In-Reply-To: <>
Cc: Neil Madden <>, oauth <>
To: Dick Hardt <>
References: <> <> <>
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <>
Subject: Re: [OAUTH-WG] New Version Notification for draft-fett-oauth-dpop-03.txt
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 22 Nov 2019 07:24:52 -0000

I’m going to +1 Dick and Annabelle’s question about the scope here. That was the one major thing that struck me during the DPoP discussions in Singapore yesterday: we don’t seem to agree on what DPoP is for. Some (including the authors, it seems) see it as a quick point-solution to a specific use case. Others see it as a general PoP mechanism. 

If it’s the former, then it should be explicitly tied to one specific set of things. If it’s the latter, then it needs to be expanded. 

I’ll repeat what I said at the mic line: My take is that we should explicitly narrow down DPoP so that it does exactly one thing and solves one narrow use case. And for a general solution? Let’s move that discussion into the next major revision of the protocol where we’ll have a bit more running room to figure things out.

 — Justin

> On Nov 22, 2019, at 3:13 PM, Dick Hardt <> wrote:
> On Fri, Nov 22, 2019 at 3:08 PM Neil Madden < <>> wrote:
> On 22 Nov 2019, at 01:42, Richard Backman, Annabelle < <>> wrote:
>> There are key distribution challenges with that if you are doing validation at the RS, but validation at the RS using either approach means you’ve lost protection against replay by the RS. This brings us back to a core question: what threats are in scope for DPoP, and in what contexts?
> Agreed, but validation at the RS is premature optimisation in many cases. And if you do need protection against that the client can even append a confirmation key as a caveat and retrospectively upgrade a bearer token to a pop token. They can even do transfer of ownership by creating copies of the original token bound to other certificates/public keys. 
> While validation at the RS may be an optimization in many cases, it is still a requirement for deployments.
> I echo Annabelle's last question: what threats are in scope (and out of scope) for DPoP?
> _______________________________________________
> OAuth mailing list